Current ipmitool shows cryptic errors when user provides wrong username or
password when using lan or lanplus interface. BMC usually does not return
clear error code when invalid password is used to authenticate messages, so
only a hint with questionmark is shown.
(diff-like +/- lines shows ipmitool output after/before my patch):
$ ipmitool -I lan -H host -U user -P invalid_pass chassis status
-Activate Session command failed
+Activate Session command failed (invalid password?)
Error: Unable to establish LAN session
Error sending Chassis Status command
$ ipmitool -I lanplus -H host -U invalid_user -P pass chassis status
+RAKP 2 message indicates an error : unauthorized name
Error: Unable to establish IPMI v2 / RMCP+ session
Error sending Chassis Status command
$ ipmitool -I lanplus -H host -U user -P invalid_pass chassis status
+RAKP 2 HMAC is invalid (invalid password?)
Error: Unable to establish IPMI v2 / RMCP+ session
Error sending Chassis Status command
Signed-off-by: Jan Safranek <jsafr...@redhat.com>
---
src/plugins/lan/lan.c | 2 +-
src/plugins/lanplus/lanplus.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/plugins/lan/lan.c b/src/plugins/lan/lan.c
index 667eaf6..33e862f 100644
--- a/src/plugins/lan/lan.c
+++ b/src/plugins/lan/lan.c
@@ -1682,7 +1682,7 @@ ipmi_activate_session_cmd(struct ipmi_intf * intf)
rsp = intf->sendrecv(intf, &req);
if (rsp == NULL) {
- lprintf(LOG_ERR, "Activate Session command failed");
+ lprintf(LOG_ERR, "Activate Session command failed (invalid
password?)");
s->active = 0;
return -1;
}
diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c
index cccb4d4..41bd2a9 100644
--- a/src/plugins/lanplus/lanplus.c
+++ b/src/plugins/lanplus/lanplus.c
@@ -3009,7 +3009,7 @@ ipmi_lanplus_rakp1(struct ipmi_intf * intf)
if (rsp->payload.rakp2_message.rakp_return_code !=
IPMI_RAKP_STATUS_NO_ERRORS)
{
- lprintf(LOG_INFO, "RAKP 2 message indicates an error : %s",
+ lprintf(LOG_ERR, "RAKP 2 message indicates an error : %s",
val2str(rsp->payload.rakp2_message.rakp_return_code,
ipmi_rakp_return_codes));
rc = 1;
@@ -3032,7 +3032,7 @@ ipmi_lanplus_rakp1(struct ipmi_intf * intf)
intf))
{
/* Error */
- lprintf(LOG_INFO, "> RAKP 2 HMAC is invalid");
+ lprintf(LOG_ERR, "RAKP 2 HMAC is invalid (invalid
password?)");
session->v2_data.rakp2_return_code =
IPMI_RAKP_STATUS_INVALID_INTEGRITY_CHECK_VALUE;
rc = 1;
}
------------------------------------------------------------------------------
Throughout its 18-year history, RSA Conference consistently attracts the
world's best and brightest in the field, creating opportunities for Conference
attendees to learn about information security's most important issues through
interactions with peers, luminaries and emerging and established companies.
http://p.sf.net/sfu/rsaconf-dev2dev
_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
